Total
17788 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4904 | 2 Joomla, Simon Philips | 2 Joomla\!, Com Aardvertiser | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_name parameter in a view action to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2012-5453 | 1 Atutor | 1 Acontent | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-5167. | |||||
| CVE-2011-0644 | 1 Phpcms | 1 Phpcms 2008 | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php. | |||||
| CVE-2012-1234 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234. | |||||
| CVE-2010-2853 | 1 Iscripts | 1 Visualcaster | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote attackers to execute arbitrary SQL commands via the product_id parameter. | |||||
| CVE-2010-3467 | 1 E-xoopport | 1 Samsara | 2025-04-11 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action. | |||||
| CVE-2009-4749 | 1 Phplivesupport | 1 Php Live\! | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PHP Live! 3.2.1 and 3.2.2 allow remote attackers to execute arbitrary SQL commands via the x parameter to (1) message_box.php and (2) request.php. | |||||
| CVE-2013-3530 | 2 Fabricio Zuardi, Wordpress | 2 Xspf Player Plugin, Wordpress | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the playlist_id parameter. | |||||
| CVE-2010-2140 | 1 Multishopcms | 1 Multishop Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute arbitrary SQL commands via the itemid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2013-3510 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote authenticated users to execute arbitrary SQL commands via (1) nedi/html/System-Export.php, (2) nedi/html/Devices-List.php, or (3) the Noma component. | |||||
| CVE-2010-2047 | 1 Joenasejes | 1 Je Cms | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewcategory action. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-1177 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095. | |||||
| CVE-2010-0454 | 1 Fabricadigital | 1 Publique\! | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publique! 2.3 allows remote attackers to execute arbitrary SQL commands via the sid parameter. | |||||
| CVE-2010-4356 | 1 Site2nite | 1 Big Truck Broker | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter. | |||||
| CVE-2010-4703 | 1 Hotwebscripts | 1 Hotweb Rentals | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4797 | 1 Jobhut.spranger | 1 Jobhut | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.php in JobHut 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the pk parameter. | |||||
| CVE-2010-5008 | 1 Denaliintranet | 1 Brightsuite Groupware | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in pages/contact_list_mail_form.asp in BrightSuite Groupware 5.4 allows remote attackers to execute arbitrary SQL commands via the ContactID parameter. | |||||
| CVE-2012-3470 | 1 Ushahidi | 1 Ushahidi Platform | 2025-04-11 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to _get_countries functions. | |||||
| CVE-2010-4910 | 1 Coldgen | 1 Coldcalendar | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to execute arbitrary SQL commands via the EventID parameter in a ViewEventDetails action. | |||||
| CVE-2013-3602 | 1 Trivantis | 1 Coursemill Learning Management System | 2025-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter. | |||||